During the night, more than 8000 Solana wallets have been emptied, in what appears to be a massive attack exploiting a vulnerability in the blockchain network competing with Ethereum. From 2 this morning, the equivalent of over $ 6 million stolen to investors around the world, who seem to have an inactive crypto account in common in recent months.
The peculiarity of this dimensional operation is that, at this moment, no progress in research has allowed us to understand what was happening. We also do not know who the author of these cryptocurrency thefts is, nor the loophole through which the thieves would have managed to steal Solana accounts. For the moment, 4 addresses have been identified but the progress of the research does not allow to know who is hiding behind. On Twitter, one user noted that the addresses had been seen at the end of 2021 on Binance.
In a statement, a spokesman for Solana said “Engineers from multiple ecosystems, with the help of multiple security companies, are investigating the depleted wallets on Solana. There is no evidence that hardware wallets are affected “. Solana added, in an update this morning, that she ruled out the only possibility that the error came from her own network.
Binance Funded Scammers Wallet 7 months ago https://t.co/5gQbObcsg4 https://t.co/sco5SPBrne pic.twitter.com/AL6Hm4F3R3
– ZachXBT (@zachxbt) August 3, 2022
Recall that Solana is currently the ninth cryptocurrency in the world in the ranking of the largest capitalizations. The project aims to compete with Ethereum by offering a much faster blockchain and network in processing operations, so that you can implement DeFi projects there in a simpler and cheaper way. But for many, the Solana project is just an empty shell. The creators of Solana Labs are Qualcomm alumni.
Solana is a blockchain based on Proof Of Stake (POS) technology. However, what makes it unique is the use of an additional technological layer: the Proof Of History (POH). PoH is a new way of thinking about the network.
Solana wallet victims of hacking
Overall, the emptied accounts are the Phantom and Slope accounts. In the Twitter follow-up of Solana’s support, we also learn that most of the targeted accounts are inactive accounts for a while. The spokesperson added “Much remains unknown at this point, except hardware wallets aren’t affected. There are also numerous reports of compromised ETH wallets, but it is unclear whether this is a related or separate issue. “
News that once again benefits the “cold” wallets., in other words physical portfolios like Ledger’s. On this type of key, your cryptocurrencies are stored offline and you are the only one with the private key, unlike platforms like Binance, Coinbase or even FTX where every wallet you open on a blockchain gives the platform access to this private key and the possibility for it to commandeer your funds (for example in the event of an economic blow).
Explore Ledger wallets
As noted by our colleagues from Corner newspaper, it is therefore better to protect your cryptocurrencies if it has not already been done on your side. Likewise, remember to revoke your access permissions to your wallets, the kind of process you probably won’t be able to complete when interacting with a smart contract or when confining an NFT.
Solana’s hacking is still ongoing. More info to come …